[thelist] Restricting Internet Access by LAN IP
Matthew Lewis
matthewhse at gmail.com
Tue Jun 28 17:50:21 CDT 2005
Okay, I'm not very experienced with using the hosts file beyond very
basic purposes. What would I have to do to disallow DNS lookups for
sites that aren't in the hosts file? The first option you listed below
sounds a little more complex than I want to get into, seeing as how I'm
doing the whole job for free anyway. The second option, setting the
computer's DNS to not get service and give DNS resolution by the hosts
file, sounds doable but I'm not sure how to get started. If anyone could
provide a quick example, I'd appreciate it.
> ...Unfortunately, I can't get a Linux machine for this network...
> just wondering WHY you can't get a linux
> box on the network? As this is the simplest
> solution wondering what the restriction is so
> we don't come up with a solution that has
> the same problem.
The problems are that the organization in question doesn't have money
for another box to install Linux on, and if it did, I must confess that
I have absolutely no experience using anything on Linux beyond web
applications. I'd hate to have them buy something only to find out that
I still can't get the system running anytime soon. I think the hosts
file will be the easiest alternative at this point, if someone can head
me in the right direction with it. I wish I could get Squid to work on
one of the Windows boxes - but I gave it a try and got absolutely
nowhere with it.
Thanks for all the ideas guys,
Matthew
Joshua Olson wrote:
>>-----Original Message-----
>>From: Ken Schaefer
>>Sent: Monday, June 27, 2005 9:23 PM
>>
>>
>
>
>
>>A HOSTS file will work.
>>
>>
>
>The hosts file may help, but is not a total solution. You would need to
>disallow DNS lookups for sites NOT in the hosts file. You could, in theory,
>set the DNS of the machines in question to either an in-house DNS server
>that only has records for a few sites (those that are allowed) or set the
>computer's DNS to something that provides no service and provide DNS
>resolution via the hosts file.
>
><><><><><><><><><><>
>Joshua L. Olson
>WAE Tech Inc.
>http://www.waetech.com/
>Phone: 706.210.0168
>Fax: 413.812.4864
>
>Monitor bandwidth usage on IIS6 in real-time:
>http://www.waetech.com/services/iisbm/
>
>
>
>
More information about the thelist
mailing list